From: Namjae Jeon
Date: Sun, 19 Nov 2023 23:17:24 +0900
Subject: Re: [PATCH v2] ksmbd: prevent memory leak on error return
To: Pierre Mariani
Cc: Zongmin Zhou, linux-cifs@vger.kernel.org, linux-kernel@vger.kernel.org, senozhatsky@chromium.org, sfrench@samba.org, tom@talpey.com, kernel test robot, Dan Carpenter, Zongmin Zhou

2023-11-19 18:14 GMT+09:00, Pierre Mariani :
> On 11/8/2023 5:17 PM, Zongmin Zhou wrote:
>> When allocated memory for 'new' failed, just return
>> will cause memory leak of 'ar'.
>>
>> v2: rollback iov_alloc_cnt when allocate memory failed.
>>
>> Fixes: 1819a9042999 ("ksmbd: reorganize ksmbd_iov_pin_rsp()")
>>
>> Reported-by: kernel test robot
>> Reported-by: Dan Carpenter
>> Closes: https://lore.kernel.org/r/202311031837.H3yo7JVl-lkp@intel.com/
>> Signed-off-by: Zongmin Zhou
>> --- >> fs/smb/server/ksmbd_work.c | 5 ++++- >> 1 file changed, 4 insertions(+), 1 deletion(-) >> >> diff --git a/fs/smb/server/ksmbd_work.c b/fs/smb/server/ksmbd_work.c >> index a2ed441e837a..44bce4c56daf 100644 >> --- a/fs/smb/server/ksmbd_work.c >> +++ b/fs/smb/server/ksmbd_work.c
>> @@ -123,8 +123,11 @@ static int __ksmbd_iov_pin_rsp(struct ksmbd_work >> *work, void *ib, int len, >> new = krealloc(work->iov, >> sizeof(struct kvec) * work->iov_alloc_cnt, >> GFP_KERNEL | __GFP_ZERO); >> - if (!new) >> + if (!new) { >> + kfree(ar); >> + work->iov_alloc_cnt -= 4; >> return -ENOMEM; >> + } >> work->iov = new; >> } >>
>
> A few lines above, ar is allocated inside the 'if (aux_size)' block.
> If aux_size is falsy, isn't it possible that ar will be NULL hence
> we should have 'if (ar) kfree(ar);'?

We need to initialize ar to NULL in that case. And passing a NULL pointer to kfree is safe, so a NULL check before kfree() is not needed.

Thanks.
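
Review bot: in the new `if (!new) {` branch, `kfree(ar);` is only safe if `ar` holds NULL whenever the `if (aux_size)` allocation above was skipped, and nothing in this hunk initialises it. Without that, the error path frees an uninitialised pointer, which is worse than the leak being fixed. Please set `ar` to NULL at its declaration in the same patch. No `if (ar)` guard is needed, since kfree() accepts NULL. Separately, `work->iov_alloc_cnt -= 4;` hard-codes the growth step to undo an increment that is not visible in this hunk. If that step ever changes, the rollback silently drifts out of sync with the real size of `work->iov`. Consider a named constant shared by both sites, or bump the count only after krealloc() has succeeded.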